/**
 * Licensed under the Apache License Version 2.0.
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */
package net.interknit.knitter.fw;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.SecurityContext;
import javax.xml.namespace.QName;

public class AccessController
{
	private static AccessController instance;

	/**
	 * Factory method to create a singleton instance of AccessController.
	 *
	 * @return The singleton instance of AccessController.
	 */
	public static AccessController getInstance()
	{
		if(instance != null) return instance;

		try
		{
			String p = CustomProperties.getCustomProperty(CustomProperties.ACCESS_CONTROLLER_NAME);

			instance = (AccessController) Class.forName(p).newInstance();

			System.out.println("Interknit: Custom AccessController will be used: " + p);
		}
		catch(Exception e)
		{
			instance = new AccessController();

			System.err.println("Interknit: Custom AccessController could not created.");
		}

		return instance;
	}

	private QName serviceName;
	private String beanName;
	private Map<String, Object> serviceAttributes;

	/**
	 * @return the serviceName
	 */
	public QName getServiceName()
	{
		return this.serviceName;
	}

	/**
	 * @param serviceName the serviceName to set
	 */
	public void setServiceName(QName serviceName)
	{
		this.serviceName = serviceName;
	}

	/**
	 * @return the beanName
	 */
	public String getBeanName()
	{
		return this.beanName;
	}

	/**
	 * @param beanName the beanName to set
	 */
	public void setBeanName(String beanName)
	{
		this.beanName = beanName;
	}

	/**
	 * @return the serviceAttributes
	 */
	public Map<String, Object> getServiceAttributes()
	{
		return this.serviceAttributes;
	}

	/**
	 * @param serviceAttributes the serviceAttributes to set
	 */
	public void setServiceAttributes(Map<String, Object> serviceAttributes)
	{
		this.serviceAttributes = serviceAttributes;
	}

	/**
	 * Authorize the incoming invocation request using the values from the input HttpServletRequest object and
	 * the Map containing auxiliary values as String/Object pairs. Sub-class of AccessController should
	 * override and this method to provide an implementation that is suitable to the policies of the target IT
	 * landscape.
	 *
	 * @param securityContext
	 *            {@link SecurityContext} associated with this invocation
	 * @param httpRequest
	 *            Incoming {@link HttpServletRequest}
	 * @throws SecurityException
	 *             In case of the authorization failure
	 */
	public void allow(
			SecurityContext securityContext,
			HttpServletRequest httpRequest)
	throws SecurityException
	{
		;
	}
}
